以GoogleOpenID 为例,试验了OAuth单点登录的用法:

 <dependency>

     <groupId>org.openid4java</groupId>

     <artifactId>openid4java</artifactId>

     <version>0.9.8</version>

 </dependency>
 import java.util.List;

 import javax.servlet.http.HttpServletRequest;

 import javax.servlet.http.HttpServletResponse;

 import org.openid4java.OpenIDException;

 import org.openid4java.consumer.ConsumerManager;

 import org.openid4java.consumer.VerificationResult;

 import org.openid4java.discovery.DiscoveryInformation;

 import org.openid4java.discovery.Identifier;

 import org.openid4java.message.AuthRequest;

 import org.openid4java.message.AuthSuccess;

 import org.openid4java.message.ParameterList;

 import org.openid4java.message.ax.AxMessage;

 import org.openid4java.message.ax.FetchRequest;

 import org.openid4java.message.ax.FetchResponse;

 import org.slf4j.Logger;

 import org.slf4j.LoggerFactory;

 import org.springframework.stereotype.Controller;

 import org.springframework.web.bind.annotation.RequestMapping;

 import org.springframework.web.util.UriComponentsBuilder;

 import com.google.common.base.Throwables;

 @Controller

 @RequestMapping("/openid")

 @SuppressWarnings("rawtypes")

 public class SecurityOpenIDController {

     public static final String GOOGLE_ENDPOINT = "https://www.google.com/accounts/o8/id";

     private static final Logger LOGGER = LoggerFactory.getLogger(SecurityOpenIDController.class);

     public final ConsumerManager manager = new ConsumerManager();

     @RequestMapping("/login")

     public void login(

             UriComponentsBuilder builder,

             HttpServletRequest request,

             HttpServletResponse response

         ) throws Exception

     {

         // configure the return_to URL where your application will receive

         // the authentication responses from the OpenID provider

         String returnUrl = builder.path("/openid/return").build().toUriString();

         // --- Forward proxy setup (only if needed) ---

         // ProxyProperties proxyProps = new ProxyProperties();

         // proxyProps.setProxyName("proxy.example.com");

         // proxyProps.setProxyPort(8080);

         // HttpClientFactory.setProxyProperties(proxyProps);

         // perform discovery on the user-supplied identifier

         List discoveries = manager.discover(GOOGLE_ENDPOINT);

         // attempt to associate with the OpenID provider

         // and retrieve one service endpoint for authentication

         DiscoveryInformation discovered = manager.associate(discoveries);

         // store the discovery information in the user's session

         request.getSession().setAttribute("openid-disc", discovered);

         // obtain a AuthRequest message to be sent to the OpenID provider

         AuthRequest authReq = manager.authenticate(discovered, returnUrl);

         // attribute Exchange

         FetchRequest fetch = FetchRequest.createFetchRequest();

         fetch.addAttribute("email", "http://axschema.org/contact/email", true);

         fetch.addAttribute("firstName", "http://axschema.org/namePerson/first", true);

         fetch.addAttribute("lastName", "http://axschema.org/namePerson/last", true);

         // attach the extension to the authentication request

         authReq.addExtension(fetch);

         if (!discovered.isVersion2()) {

             // Option 1: GET HTTP-redirect to the OpenID Provider endpoint

             // The only method supported in OpenID 1.x

             // redirect-URL usually limited ~2048 bytes

             response.sendRedirect(authReq.getDestinationUrl(true));

         } else {

             // Option 2: HTML FORM Redirection (Allows payloads >2048 bytes)

             response.sendRedirect(authReq.getDestinationUrl(true));

         }

     }

     @RequestMapping("/return")

     public void verifyResponse(HttpServletRequest request) {

         String email = null;

         String lastName = null;

         String firstName = null;

         try {

             // extract the parameters from the authentication response

             // (which comes in as a HTTP request from the OpenID provider)

             ParameterList response = new ParameterList(request.getParameterMap());

             // retrieve the previously stored discovery information

             DiscoveryInformation discovered = (DiscoveryInformation) request.getSession().getAttribute("openid-disc");

             // extract the receiving URL from the HTTP request

             StringBuffer receivingURL = request.getRequestURL();

             String queryString = request.getQueryString();

             if (queryString != null && queryString.length() > 0) {

                 receivingURL.append("?").append(request.getQueryString());

             }

             // verify the response; ConsumerManager needs to be the same

             // (static) instance used to place the authentication request

             VerificationResult verification = manager.verify(receivingURL.toString(), response, discovered);

             // examine the verification result and extract the verified

             // identifier

             Identifier verified = verification.getVerifiedId();

             if (verified != null) {

                 AuthSuccess authSuccess = (AuthSuccess) verification.getAuthResponse();

                 if (authSuccess.hasExtension(AxMessage.OPENID_NS_AX)) {

                     FetchResponse fetchResp = (FetchResponse) authSuccess.getExtension(AxMessage.OPENID_NS_AX);

                     List emails = fetchResp.getAttributeValues("email");

                     email = (String) emails.get(0);

                     List lastNames = fetchResp.getAttributeValues("lastName");

                     lastName = (String) lastNames.get(0);

                     List firstNames = fetchResp.getAttributeValues("firstName");

                     firstName = (String) firstNames.get(0);

                     LOGGER.debug("email: {}", email);

                     LOGGER.debug("lastName: {}", lastName);

                     LOGGER.debug("firstName: {}", firstName);

                 }

                 // success

                 // 在这里与安全框架集成 apache-shiro/spring-security

                 // 这里要根据相关的信息自己定义Principal

             }

         } catch (OpenIDException e) {

             LOGGER.error(e.getMessage(), e);

             Throwables.propagate(e);

         }

     }

 }

spring-mvc 与 openid4java的更多相关文章

  1. 如何用Java类配置Spring MVC(不通过web.xml和XML方式)

    DispatcherServlet是Spring MVC的核心,按照传统方式, 需要把它配置到web.xml中. 我个人比较不喜欢XML配置方式, XML看起来太累, 冗长繁琐. 还好借助于Servl ...

  2. Spring MVC重定向和转发以及异常处理

    SpringMVC核心技术---转发和重定向 当处理器对请求处理完毕后,向其他资源进行跳转时,有两种跳转方式:请求转发与重定向.而根据要跳转的资源类型,又可分为两类:跳转到页面与跳转到其他处理器.对于 ...

  3. Spring MVC入门

    1.什么是SpringMvc Spring MVC属于SpringFrameWork的后续产品,已经融合在Spring Web Flow里面.Spring 框架提供了构建 Web 应用程序的全功能 M ...

  4. Spring7:基于注解的Spring MVC(下篇)

    Model 上一篇文章<Spring6:基于注解的Spring MVC(上篇)>,讲了Spring MVC环境搭建.@RequestMapping以及参数绑定,这是Spring MVC中最 ...

  5. Spring6:基于注解的Spring MVC(上篇)

    什么是Spring MVC Spring MVC框架是一个MVC框架,通过实现Model-View-Controller模式来很好地将数据.业务与展现进行分离.从这样一个角度来说,Spring MVC ...

  6. 高性能的关键:Spring MVC的异步模式

    我承认有些标题党了,不过话说这样其实也没错,关于“异步”处理的文章已经不少,代码例子也能找到很多,但我还是打算发表这篇我写了好长一段时间,却一直没发表的文章,以一个更简单的视角,把异步模式讲清楚. 什 ...

  7. Java Spring mvc 操作 Redis 及 Redis 集群

    本文原创,转载请注明:http://www.cnblogs.com/fengzheng/p/5941953.html 关于 Redis 集群搭建可以参考我的另一篇文章 Redis集群搭建与简单使用 R ...

  8. 深入分析Spring 与 Spring MVC容器

    1 Spring MVC WEB配置 Spring Framework本身没有Web功能,Spring MVC使用WebApplicationContext类扩展ApplicationContext, ...

  9. spring mvc DispatcherServlet详解之前传---FrameworkServlet

    做项目时碰到Controller不能使用aop进行拦截,从网上搜索得知:使用spring mvc 启动了两个context:applicationContext 和WebapplicationCont ...

  10. 我是如何进行Spring MVC文档翻译项目的环境搭建、项目管理及自动化构建工作的

    感兴趣的同学可以关注这个翻译项目 . 我的博客原文 和 我的Github 前段时间翻译的Spring MVC官方文档完成了第一稿,相关的文章和仓库可以点击以下链接.这篇文章,主要是总结一下这个翻译项目 ...

随机推荐

  1. Communication System(dp)

    Communication System Time Limit: 1000MS Memory Limit: 10000K Total Submissions: 25006 Accepted: 8925 ...

  2. 使用NPOI随意创建Excel(含下拉列表)

    //创建工作簿 HSSFWorkbook ssfworkbook = new HSSFWorkbook(); //创建工作表(页) HSSFSheet sheet1 = ssfworkbook.Cre ...

  3. NYOJ(21),BFS,三个水杯

    题目链接:http://acm.nyist.net/JudgeOnline/problem.php?pid=21 BFS判环,vis标记状态即可. #include <stdio.h> # ...

  4. 如何把drawing图像转换成wpf控件的source

    此例以canvas为例 <Canvas>  <Image Stretch="Fill" Width="100" Height="10 ...

  5. Mysql-学习笔记(==》触发器 十一)

    -------触发器-------- USE db;SELECT FROM sss; CREATE TABLE sssbak LIKE sss;SHOW CREATE TABLE sss;SHOW C ...

  6. GetLastInputInfo计时用户离开电脑及软件在指定时间锁定等(转)

    /************************************************************************/ /* 说明: 调用函数GetLastInputIn ...

  7. Struts2的配置

    Struts2的配置 Struts2可以通过Convention插件管理Action和结果映射,也可以通过使用XML文件进行管理,这两种方式各有好处:使用Convention插件管理减少了XML文件的 ...

  8. crontab执行shell脚本

    */5 * * * * cd /data/**/ && ./*.sh * * * * * /bin/sh /home/*.sh

  9. 【leetcode❤python】110. Balanced Binary Tree

    #-*- coding: UTF-8 -*-#平衡二叉树# Definition for a binary tree node.# class TreeNode(object):#     def _ ...

  10. Java-基础编程(螺旋矩阵&乘法表)

    package cn.rick.study; import java.io.BufferedReader;import java.io.InputStreamReader;import java.ut ...